Security of Things Network Connectivity

[ NanoSec™ ]

Security of Things includes comprehensive IPsec and IKEv1/v2 solution with integrated certificate management functionality.

Problems Solved

IPsec/IKE is a standard designed by IETF to provide interoperable, high quality, cryptographically-based security for IP communication. It's useful for providing authentication (to ensure peers are communicating with the intended trusted parties), data confidentiality (to ensure data cannot be read in transit) and message integrity (to ensure traffic has not been altered in transit). These security services are provided at the IP layer, offering protection to all the protocols carried over IP.

IPsec provides a great deal of flexibility and granular control over the security services offered. The most popular application of IPsec is the VPN (Virtual Private Network) which creates a secure encrypted "tunnel" over the unsecured Internet. Once a VPN is established, the two ends can run virtually any data, voice and video application securely. IPsec is terrific for reducing the threat of packet sniffers or man-in-the-middle attacks.

Unfortunately, most IPsec packages are designed for PC's, not embedded devices. That means that they can be somewhat unwieldy in memory-constrained device environments... and the performance of typical commercial or open-source IPsec offerings can be pretty disappointing, as well.

NanoSec™ is the answer.

NanoSec is Mocana's ultra-optimized, micro-footprint IPsec/IKE solution specifically designed to speed product development while providing best-in-class device security services for resource-constrained environments. And it's surprisingly affordable: your NanoSec total cost of ownership will usually be substantially less expensive than open source.

 NanoSec Benefits

Works Where Others Won't
NanoSec fits into tiny memory footprints where other implementations simply can't... and open-source packages can't match Mocana's throughput performance. The Mocana Acceleration Harness for NanoSec is available for several popular platforms, offloading IPsec and IKE crypto operations from the main CPU and delivering 10x-30x performance enhancements. In fact, NanoSec is the highest performance IKE/IPsec package on the market.

FIPS Certified with NSA Suite B Support
All government agencies and most contractors require FIPS-certification of cryptographic engine —a difficult certification to achieve. NanoSec's core cryptographic engine is available to you in source, or as a government-certified FIPS 140-2 Level 1 validated binary. Both source and binary versions include full support for NSA's Suite B algorithms, providing secure communications between high-assurance (classified) and basic-assurance systems.

Complete Solution
There are a lot of other IPsec/IKE packages out there. But almost all of them are incomplete—missing critical standards, algorithms or code that you'll need to finish your IPsec/IKE implementation. Only NanoSec offers everything you need together in one package, to get the job done right—and fast. Guaranteed.

GPL-Free Code
NanoSec is usually less expensive than "free" open source code, especially when engineering, testing and support costs are factored in. Since we guarantee that NanoSec contains absolutely no GPL code, you can be confident your intellectual property won't accidentally become public domain because of "GPL contamination"—something open source projects can't do.

Supported on a Variety of Platforms
NanoSec is available for many versions of Linux, Windows, VxWorks, ThreadX and QNX. If your platform isn't listed, give us a call, as this list changes frequently.

No Crypto Expertise Required
NanoSec features an extremely powerful, but simple and easy-to-use API. You don't need to be a crypto expert, because NanoSec hides all of the complexity of the cryptography. You can focus on your development project, and let NanoSec worry about the security. Plus Mocana's developer support team is always available to answer your questions about our products or embedded development in general.

Dramatically Speeds Your Development Cycle
NanoSec is a ready-made, pre-optimized and exhaustively tested IPsec solution that frees your in-house development resources to focus on what's really important: the functionality of your project. NanoSec allows you to develop proprietary systems while giving you the freedom to substitute in the commercially available components you choose.